redirect in googlechrome and ie


14 replies to this topic

#1 suppliersyd

Posted 16 July 2012 - 05:21 AM

I am getting redirected to searchignited webpage

running win7

logs:
Security Check

Results of screen317's Security Check version 0.99.42
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 31
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Syd and Melitta at 20:16:47 on 2012-07-16
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.61.1033.18.3959.1714 [GMT 10:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Internode\mum.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Users\Syd and Melitta\AppData\Roaming\xsecva\xsecva.exe
C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Users\Syd and Melitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [InternodeUsage] C:\PROGRA~2\INTERN~2\mum.exe
uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [XSECVA] C:\Users\Syd and Melitta\AppData\Roaming\xsecva\xsecva.exe -s
uRun: [obsvci] "C:\Windows\System32\rundll32.exe" "C:\Users\Syd and Melitta\AppData\Roaming\obsvci.dll",GetPCDResolution
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe -update activex
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [Buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
StartupFolder: C:\Users\SYDAND~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Syd and Melitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\SYDAND~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - C:\Program Files (x86)\LimeWire\LimeWire.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CAMERA~1.LNK - C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 10.1.1.1
TCP: Interfaces\{AF6301F8-70C7-4703-B8B7-54EFEE8C05C4} : DhcpNameServer = 10.1.1.1
TCP: Interfaces\{DF377C97-2501-4640-8D1E-7B0F4407108B} : DhcpNameServer = 10.1.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [Buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx64.sys [2010-9-1 954928]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100916.001\IDSviA64.sys [2010-9-17 463408]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/02/03 21:27:53];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-2-3 146928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-2-4 92160]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-9-10 22072]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [2011-10-12 126400]
R3 ACPIService;Buttons and OSDs ACPI driver gen2;C:\Windows\system32\DRIVERS\OSDACPI.SYS --> C:\Windows\system32\DRIVERS\OSDACPI.SYS [?]
R3 AVerAVF2;AVerAVF2;C:\Windows\system32\DRIVERS\AVerAVF2.sys --> C:\Windows\system32\DRIVERS\AVerAVF2.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-7-21 132656]
R3 FintekCIR;Fintek eHome Transceiver;C:\Windows\system32\DRIVERS\FintekCIR.sys --> C:\Windows\system32\DRIVERS\FintekCIR.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 hidkmdf;Microsoft HID Class Shim for KMDF;C:\Windows\system32\DRIVERS\hidkmdf.sys --> C:\Windows\system32\DRIVERS\hidkmdf.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NW1950;NextWindow 1950 Touch Screen;C:\Windows\system32\DRIVERS\NW1950.sys --> C:\Windows\system32\DRIVERS\NW1950.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-5 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-5 136176]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-07-16 10:04:01 57976 ----a-r- C:\Windows\System32\drivers\SBREDrv.sys
2012-07-16 10:03:59 -------- d-----w- C:\Program Files (x86)\STOPzilla!
2012-07-16 10:03:59 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
2012-07-16 10:03:58 -------- d-----w- C:\ProgramData\STOPzilla!
2012-07-16 09:09:48 -------- d-----w- C:\$RECYCLE.BIN
2012-07-16 08:29:35 98816 ----a-w- C:\Windows\sed.exe
2012-07-16 08:29:35 518144 ----a-w- C:\Windows\SWREG.exe
2012-07-16 08:29:35 256000 ----a-w- C:\Windows\PEV.exe
2012-07-16 08:29:35 208896 ----a-w- C:\Windows\MBR.exe
2012-07-16 08:29:22 -------- d-----w- C:\ComboFix
2012-07-16 05:26:23 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-15 20:40:37 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-15 20:08:39 -------- d-----w- C:\Windows\pss
2012-07-15 19:51:56 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{2D8DA50B-CEB6-11E1-8270-B8AC6F996F26}
2012-07-15 19:48:30 -------- d-----w- C:\Users\Syd and Melitta\AppData\Roaming\xsecva
2012-07-15 03:34:19 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{483BA8BA-E201-4755-853B-1E2B560F0DE7}\mpengine.dll
2012-07-13 08:37:47 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{E9D00CAD-738D-4987-A1D3-2BDD4F567162}
2012-07-13 08:37:36 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{1E002551-270F-45FB-BAAA-FDC9F25EF2DF}
2012-07-13 08:35:11 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{23DE88A5-1566-468D-A694-4FD9EDE9E403}
2012-07-13 08:34:59 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{E6DBC401-59E4-4712-8B06-79EB1DF31E75}
2012-07-13 08:34:33 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{DC8567E3-D723-4805-BEB6-DA68E97C9FE3}
2012-07-13 08:32:37 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{77A96C9A-1CA2-4D36-9587-947306993770}
2012-07-13 08:32:25 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{11C02164-25BE-4FFF-B90D-AAC8965284B1}
2012-07-13 08:31:21 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{90BCA66A-7F10-4D7E-A5E4-D365DBB18111}
2012-07-13 08:31:02 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\{687771E0-0076-4422-BD4C-B874320EE71F}
2012-07-11 20:34:27 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 19:21:36 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-10 06:11:04 -------- d-----r- C:\Users\Syd and Melitta\Dropbox
2012-07-10 06:09:36 -------- d-----w- C:\Users\Syd and Melitta\AppData\Roaming\Dropbox
2012-07-09 08:32:52 -------- d-----w- C:\Program Files (x86)\Digiarty
2012-07-08 07:34:45 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\etax2012
2012-07-08 07:34:18 -------- d-----w- C:\Program Files (x86)\etax2012
2012-06-26 08:17:41 -------- d-----w- C:\Users\Syd and Melitta\AppData\Roaming\PDF Writer
2012-06-26 08:17:41 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\PDF Writer
2012-06-26 08:17:41 -------- d-----w- C:\ProgramData\PDF Writer
2012-06-26 08:16:29 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-06-26 08:15:28 227840 ----a-w- C:\Windows\SysWow64\bzFlRdr.dll
2012-06-26 08:15:28 135168 ----a-w- C:\Windows\SysWow64\bzpdfc.dll
2012-06-26 08:15:28 103424 ----a-w- C:\Windows\SysWow64\bzDCT.dll
2012-06-26 08:15:28 -------- d-----w- C:\Program Files\Common Files\Bullzip
2012-06-26 08:15:26 216064 ----a-w- C:\Windows\System32\bzpdf.dll
2012-06-26 08:15:22 -------- d-----w- C:\Program Files\Bullzip
2012-06-26 08:14:53 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-26 08:14:49 -------- d-----w- C:\Program Files (x86)\blekkotb_031
2012-06-26 08:14:48 -------- d-----w- C:\Users\Syd and Melitta\AppData\Local\blekkotb_031
2012-06-26 08:14:47 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-06-25 20:05:48 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-25 20:04:44 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-25 20:04:13 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-25 20:04:13 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-15 20:40:37 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 03:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 10:52:22 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:08:16 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08:15 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-27 04:08:57 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-25 02:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-04-25 02:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-04-25 01:35:32 23376 ----a-r- C:\Windows\SysWow64\SZIO5.dll
2012-04-25 01:35:22 546640 ----a-r- C:\Windows\SysWow64\SZComp5.dll
2012-04-25 01:35:16 481104 ----a-r- C:\Windows\SysWow64\SZBase5.dll
2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-19 07:39:44 29008 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll
2012-04-19 07:39:44 231248 ----a-r- C:\Windows\SysWow64\IS3Win325.dll
2012-04-19 07:39:42 390992 ----a-r- C:\Windows\SysWow64\IS3UI5.dll
2012-04-19 07:39:42 100176 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll
2012-04-19 07:39:36 104272 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll
2012-04-19 07:39:34 67408 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll
2012-04-19 07:39:34 132944 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll
2012-04-19 07:39:32 456528 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll
2012-04-19 07:39:30 808784 ----a-r- C:\Windows\SysWow64\IS3Base5.dll
2012-04-18 10:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-18 10:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-10-05 04:55:10 98304 ----a-w- C:\Program Files (x86)\edtftpnet.dll
2010-10-05 04:55:10 1204224 ----a-w- C:\Program Files (x86)\FYManager.exe
.
============= FINISH: 20:17:37.29 ===============


Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 20/07/2010 1:03:36 PM
System Uptime: 16/07/2012 7:50:21 PM (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | E66
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz | CPU 1 | 2268/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 727.066 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.786 GiB free.
E: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP292: 8/07/2012 4:09:46 PM - Windows Update
RP293: 8/07/2012 5:33:52 PM - Installed e-tax 2012
RP294: 12/07/2012 5:17:22 AM - Windows Update
RP295: 12/07/2012 6:30:15 AM - Windows Update
RP296: 15/07/2012 1:33:35 PM - Windows Update
RP297: 16/07/2012 8:03:32 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP298: 16/07/2012 8:06:18 PM - StopZILLA! Restore Point.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.3.3
Anti-phishing Domain Advisor
Apple Application Support
Apple Software Update
blekko search bar
Buttons & OSDs control application gen3
Compatibility Pack for the 2007 Office system
CSI
CyberLink DVD Suite Deluxe
D3DX10
Digital Photo Navigator 1.5
DirectX for Managed Code Update (Summer 2004)
Dropbox
DVD Menu Pack for HP TouchSmart Video
e-tax 2010
e-tax 2011
e-tax 2012
EditVoicepack X
Everio MediaBrowser HD Edition
FIFA 12
FS Recorder 1.3 for FSX
FSX 772 American Airlines
Garmin Communicator Plugin
Garmin USB Drivers
Google Chrome
Google Earth
Google Update Helper
Grand Theft Auto IV
High-Definition Video Playback
HP Advisor
HP Customer Experience Enhancements
HP Desktop Keyboard
HP Games
HP MediaSmart DVD
HP Odometer
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP TouchSmart
HP TouchSmart Browser
HP TouchSmart Calendar
HP TouchSmart Canvas
HP TouchSmart Clock
HP TouchSmart Live TV
HP TouchSmart Music/Photo/Video
HP TouchSmart Notes
HP TouchSmart RSS
HP TouchSmart Tutorials
HP TouchSmart Webcam
HP Update
HPAsset component for HP Active Support Library
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
Internode Monthly Usage Meter 8.1z
Java Auto Updater
Java™ 6 Update 31
Jet City Aircraft 717-200
Junk Mail filter update
LabelPrint
LimeWire 5.5.10
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.0
Movie Theme Pack for HP TouchSmart Video
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Norton Internet Security
Norton Online Backup
Origin
Pixillion Image Converter
Power2Go
PowerDirector
Prism Video File Converter
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype Toolbars
Skype™ 4.2
SopCast 3.5.0
Spybot - Search & Destroy
STOPzilla
StreamTorrent 1.0
Super Flight Planner 4.0 RC 5
The Sims™ 3
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.11
WBS Chart Pro
welcome
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR archiver
WinX Free AVI to WMV Converter 4.1.0
Xilisoft AVI to DVD Converter
.
==== Event Viewer Messages From Past Week ========
.
16/07/2012 7:51:22 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
16/07/2012 7:10:55 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: A device attached to the system is not functioning.
16/07/2012 7:10:24 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.
16/07/2012 7:06:53 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
16/07/2012 6:44:09 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
16/07/2012 6:31:39 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
16/07/2012 6:28:08 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:28:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
16/07/2012 6:28:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
16/07/2012 6:28:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
16/07/2012 6:28:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
16/07/2012 6:28:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/07/2012 6:28:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/07/2012 6:27:55 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccHP DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SYMTDIv tdx vwififlt Wanarpv6 WfpLwf
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 6:27:54 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 6:26:55 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
16/07/2012 6:26:47 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
16/07/2012 3:01:48 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
16/07/2012 3:01:39 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
.
==== End Of File ===========================


I've accidentally run ComboFix first, and for that I apologise.
I've only run Malwarebytes and Spybot.
Malwarebytes apparently fixed this very nasty file: bcminer, but I don't think it did.

Cheers

Syd.


#2 gringo_pr

  • Malware Response Team

Posted 17 July 2012 - 12:58 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#3 suppliersyd

  • Topic Starter

Posted 17 July 2012 - 06:16 AM

Hi Gringo, thanks so much!
How long should the log report take? It has been around 45 minutes and hasn't done anything?
As per some previous posts I've seen of yours, I exited out and ran it in safe mode.
Here is the ComboFix log.
Thanks so much!! Everything in Chrome and IE looks good now (no redirects, able to search, etc.).

Of note, when I start up it tells me it can't find this:

"obsvci"="c:\users\Syd and Melitta\AppData\Roaming\obsvci.dll" [BU]

and

Cant open ACPI Kernel Mode Driver

Let me know the next steps!!!!!

ComboFix 12-07-16.01 - Syd and Melitta 17/07/2012 21:46:30.3.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.61.1033.18.3959.2693 [GMT 10:00]
Running from: c:\users\Syd and Melitta\Desktop\abc123.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ACPIService
.
.
((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-17 11:53 . 2012-07-17 11:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-16 10:34 . 2012-07-16 10:34 116016 ----a-w- c:\windows\system32\drivers\50700256.sys
2012-07-16 10:04 . 2012-01-11 23:28 57976 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-07-16 10:03 . 2012-07-16 10:03 -------- d-----w- c:\program files (x86)\STOPzilla!
2012-07-16 10:03 . 2012-07-16 10:03 -------- d-----w- c:\program files (x86)\Common Files\iS3
2012-07-16 10:03 . 2012-07-17 11:41 -------- d-----w- c:\programdata\STOPzilla!
2012-07-16 05:26 . 2012-07-16 05:26 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-15 20:40 . 2012-07-15 20:40 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 20:40 . 2012-07-15 20:40 -------- d-----w- c:\windows\system32\Macromed
2012-07-15 19:51 . 2012-07-15 19:51 -------- d-----w- c:\users\Syd and Melitta\AppData\Local\{2D8DA50B-CEB6-11E1-8270-B8AC6F996F26}
2012-07-15 19:48 . 2012-07-15 20:36 -------- d-----w- c:\users\Syd and Melitta\AppData\Roaming\xsecva
2012-07-15 03:34 . 2012-05-31 04:04 9013136 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{483BA8BA-E201-4755-853B-1E2B560F0DE7}\mpengine.dll
2012-07-11 20:34 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 19:21 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-07-10 06:11 . 2012-07-17 11:35 -------- d-----r- c:\users\Syd and Melitta\Dropbox
2012-07-10 06:09 . 2012-07-17 11:35 -------- d-----w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox
2012-07-09 08:32 . 2012-07-09 08:32 -------- d-----w- c:\program files (x86)\Digiarty
2012-07-08 07:34 . 2012-07-08 07:34 -------- d-----w- c:\users\Syd and Melitta\AppData\Local\etax2012
2012-07-08 07:34 . 2012-07-08 07:34 -------- d-----w- c:\program files (x86)\etax2012
2012-06-26 08:17 . 2012-06-26 08:17 -------- d-----w- c:\users\Syd and Melitta\AppData\Roaming\PDF Writer
2012-06-26 08:17 . 2012-06-26 08:17 -------- d-----w- c:\users\Syd and Melitta\AppData\Local\PDF Writer
2012-06-26 08:17 . 2012-06-26 08:17 -------- d-----w- c:\programdata\PDF Writer
2012-06-26 08:16 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-06-26 08:15 . 2012-06-26 08:15 -------- d-----w- c:\program files\Common Files\Bullzip
2012-06-26 08:15 . 2010-09-27 13:29 135168 ----a-w- c:\windows\SysWow64\bzpdfc.dll
2012-06-26 08:15 . 2008-10-30 13:29 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll
2012-06-26 08:15 . 2008-07-09 13:29 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2012-06-26 08:15 . 2012-03-27 13:29 216064 ----a-w- c:\windows\system32\bzpdf.dll
2012-06-26 08:15 . 2012-06-26 08:15 -------- d-----w- c:\program files\Bullzip
2012-06-26 08:14 . 2012-06-26 08:14 -------- d-----w- c:\programdata\blekko toolbars
2012-06-26 08:14 . 2012-07-16 08:44 -------- d-----w- c:\program files (x86)\blekkotb_031
2012-06-26 08:14 . 2012-06-26 08:14 -------- d-----w- c:\users\Syd and Melitta\AppData\Local\blekkotb_031
2012-06-26 08:14 . 2012-06-26 08:14 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-06-25 20:05 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-25 20:05 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-25 20:05 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-25 20:05 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-25 20:04 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-25 20:04 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-25 20:04 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-25 20:04 . 2012-06-02 05:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-25 20:04 . 2012-06-02 05:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-15 20:40 . 2012-02-09 09:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 03:46 . 2011-08-27 07:50 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-31 02:25 . 2010-09-18 10:03 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-04 10:52 . 2012-06-13 07:02 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-13 07:02 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-13 07:02 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32 . 2012-06-13 07:02 208896 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:50 . 2012-06-13 07:02 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-27 04:08 . 2012-04-27 04:09 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-26 05:34 . 2012-06-13 07:02 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:34 . 2012-06-13 07:02 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:28 . 2012-06-13 07:02 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-25 02:11 . 2012-04-25 02:11 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-04-25 02:11 . 2012-04-25 02:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-04-25 01:35 . 2012-04-25 01:35 23376 ----a-r- c:\windows\SysWow64\SZIO5.dll
2012-04-25 01:35 . 2012-04-25 01:35 546640 ----a-r- c:\windows\SysWow64\SZComp5.dll
2012-04-25 01:35 . 2012-04-25 01:35 481104 ----a-r- c:\windows\SysWow64\SZBase5.dll
2012-04-24 05:59 . 2012-06-13 07:02 1460224 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 05:59 . 2012-06-13 07:02 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:59 . 2012-06-13 07:02 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 04:47 . 2012-06-13 07:02 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:47 . 2012-06-13 07:02 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-24 04:47 . 2012-06-13 07:02 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-19 07:39 . 2012-04-19 07:39 29008 ----a-r- c:\windows\SysWow64\IS3XDat5.dll
2012-04-19 07:39 . 2012-04-19 07:39 231248 ----a-r- c:\windows\SysWow64\IS3Win325.dll
2012-04-19 07:39 . 2012-04-19 07:39 390992 ----a-r- c:\windows\SysWow64\IS3UI5.dll
2012-04-19 07:39 . 2012-04-19 07:39 100176 ----a-r- c:\windows\SysWow64\IS3Svc5.dll
2012-04-19 07:39 . 2012-04-19 07:39 104272 ----a-r- c:\windows\SysWow64\IS3Inet5.dll
2012-04-19 07:39 . 2012-04-19 07:39 67408 ----a-r- c:\windows\SysWow64\IS3Hks5.dll
2012-04-19 07:39 . 2012-04-19 07:39 132944 ----a-r- c:\windows\SysWow64\IS3HTUI5.dll
2012-04-19 07:39 . 2012-04-19 07:39 456528 ----a-r- c:\windows\SysWow64\IS3DBA5.dll
2012-04-19 07:39 . 2012-04-19 07:39 808784 ----a-r- c:\windows\SysWow64\IS3Base5.dll
2010-10-05 04:55 . 2010-10-05 04:55 98304 ----a-w- c:\program files (x86)\edtftpnet.dll
2010-10-05 04:55 . 2010-10-05 04:55 1204224 ----a-w- c:\program files (x86)\FYManager.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-17_10.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-03 10:08 . 2012-07-17 11:36 50138 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-17 11:36 34092 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-07-20 03:07 . 2012-07-17 11:36 17666 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2663545482-787065094-1891926653-1000_UserData.bin
- 2012-07-17 10:47 . 2012-07-17 10:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-17 11:54 . 2012-07-17 11:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-17 10:47 . 2012-07-17 10:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-17 11:54 . 2012-07-17 11:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-20 12:22 . 2012-07-17 11:44 399792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-17 10:46 405100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-17 11:44 405100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-13 13:11 . 2012-07-17 11:44 3319740 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2663545482-787065094-1891926653-1000-8192.dat
- 2010-11-13 13:11 . 2012-07-17 10:46 3319740 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2663545482-787065094-1891926653-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"EA Core"="c:\program files (x86)\Electronic Arts\EADM\Core.exe" [BU]
"InternodeUsage"="c:\progra~2\INTERN~2\mum.exe" [2010-02-07 1363456]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [BU]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"XSECVA"="c:\users\Syd and Melitta\AppData\Roaming\xsecva\xsecva.exe" [2012-07-15 131072]
"obsvci"="c:\users\Syd and Melitta\AppData\Roaming\obsvci.dll" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-19 62768]
"HP KEYBOARDx"="c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [2009-10-19 715776]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"Buttons & OSDs control application gen3"="c:\program files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe" [2009-11-17 212992]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
.
c:\users\Syd and Melitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-14 27595032]
LimeWire On Startup.lnk - c:\program files (x86)\LimeWire\LimeWire.exe [2010-7-9 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Camera Monitor HD.lnk - c:\program files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe [2010-9-18 541976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [2011-09-26 74768]
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx64.sys [2010-08-31 954928]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100916.001\IDSvia64.sys [2010-07-05 463408]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/02/03 21:27];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-09-17 06:41 146928]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160]
R2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-09-10 22072]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 136176]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
R3 AVerAVF2;AVerAVF2;c:\windows\system32\DRIVERS\AVerAVF2.sys [2009-10-29 1116928]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-21 132656]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 136176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-05-19 702976]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-13 1255736]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2009-08-30 433200]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [2011-09-26 74768]
S3 FintekCIR;Fintek eHome Transceiver;c:\windows\system32\DRIVERS\FintekCIR.sys [2009-11-13 30248]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys [2009-09-17 14328]
S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys [2009-09-17 25080]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 04:32]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 04:32]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2663545482-787065094-1891926653-1000Core.job
- c:\users\Syd and Melitta\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-20 03:29]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2663545482-787065094-1891926653-1000UA.job
- c:\users\Syd and Melitta\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-20 03:29]
.
2011-09-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Syd and Melitta\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-04 8098848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-30 16336416]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.1.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-combofix - c:\abc123\CF9959.3XE
AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2663545482-787065094-1891926653-1000\Software\SecuROM\License information*]
"datasecu"=hex:79,ac,90,66,53,83,1a,75,66,4c,4f,cd,1c,6c,96,a6,47,36,c2,ca,99,
e6,9b,83,a9,4b,96,bf,7e,a0,30,12,06,7f,05,65,bb,86,cf,38,c6,5b,12,f8,77,16,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-17 21:58:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-17 11:58
.
Pre-Run: 780,159,602,688 bytes free
Post-Run: 780,067,926,016 bytes free
.
- - End Of File - - D4612155DDF58838CE45B3F6E8BC3E50

Edited by suppliersyd, 17 July 2012 - 07:23 AM.


#4 gringo_pr

Posted 17 July 2012 - 09:06 AM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#5 suppliersyd

Posted 17 July 2012 - 03:06 PM

Hi Gringo,
Thanks, and of note, when I have run TDSS whilst still infected (prior to ComboFix run) it also didn't pick up the issue (possible bcminer - found via Malwarebytes).
Computer status: is working fine with no redirects etc....

TDSSKiller:

05:29:13.0963 5272 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
05:29:15.0024 5272 ============================================================
05:29:15.0024 5272 Current date / time: 2012/07/18 05:29:15.0024
05:29:15.0024 5272 SystemInfo:
05:29:15.0024 5272
05:29:15.0024 5272 OS Version: 6.1.7600 ServicePack: 0.0
05:29:15.0024 5272 Product type: Workstation
05:29:15.0024 5272 ComputerName: SYDANDMELITTA
05:29:15.0024 5272 UserName: Syd and Melitta
05:29:15.0024 5272 Windows directory: C:\Windows
05:29:15.0024 5272 System windows directory: C:\Windows
05:29:15.0024 5272 Running under WOW64
05:29:15.0024 5272 Processor architecture: Intel x64
05:29:15.0024 5272 Number of processors: 4
05:29:15.0024 5272 Page size: 0x1000
05:29:15.0024 5272 Boot type: Normal boot
05:29:15.0024 5272 ============================================================
05:29:20.0172 5272 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:29:20.0172 5272 ============================================================
05:29:20.0172 5272 \Device\Harddisk0\DR0:
05:29:20.0203 5272 MBR partitions:
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72D3E000
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72D70800, BlocksNum 0x1995800
05:29:20.0203 5272 ============================================================
05:29:20.0266 5272 C: <-> \Device\Harddisk0\DR0\Partition1
05:29:20.0437 5272 D: <-> \Device\Harddisk0\DR0\Partition2
05:29:20.0437 5272 ============================================================
05:29:20.0437 5272 Initialize success
05:29:20.0437 5272 ============================================================
05:29:22.0231 5424 ============================================================
05:29:22.0231 5424 Scan started
05:29:22.0231 5424 Mode: Manual;
05:29:22.0231 5424 ============================================================
05:29:28.0705 5424 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
05:29:28.0705 5424 1394ohci - ok
05:29:29.0158 5424 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
05:29:29.0158 5424 ACPI - ok
05:29:29.0267 5424 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
05:29:29.0267 5424 AcpiPmi - ok
05:29:29.0657 5424 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
05:29:29.0672 5424 adp94xx - ok
05:29:29.0906 5424 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
05:29:29.0942 5424 adpahci - ok
05:29:30.0112 5424 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
05:29:30.0132 5424 adpu320 - ok
05:29:30.0282 5424 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
05:29:30.0282 5424 AeLookupSvc - ok
05:29:30.0632 5424 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
05:29:30.0632 5424 AERTFilters - ok
05:29:31.0696 5424 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
05:29:31.0727 5424 AFD - ok
05:29:32.0133 5424 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
05:29:32.0148 5424 agp440 - ok
05:29:32.0507 5424 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
05:29:32.0507 5424 ALG - ok
05:29:32.0694 5424 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
05:29:32.0710 5424 aliide - ok
05:29:33.0178 5424 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
05:29:33.0178 5424 amdide - ok
05:29:33.0272 5424 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
05:29:33.0303 5424 AmdK8 - ok
05:29:33.0365 5424 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
05:29:33.0396 5424 AmdPPM - ok
05:29:33.0568 5424 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
05:29:33.0599 5424 amdsata - ok
05:29:33.0849 5424 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
05:29:33.0864 5424 amdsbs - ok
05:29:34.0301 5424 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
05:29:34.0301 5424 amdxata - ok
05:29:34.0488 5424 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
05:29:34.0488 5424 AppID - ok
05:29:34.0566 5424 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
05:29:34.0566 5424 AppIDSvc - ok
05:29:34.0722 5424 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
05:29:34.0738 5424 Appinfo - ok
05:29:36.0189 5424 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:29:36.0204 5424 Apple Mobile Device - ok
05:29:36.0485 5424 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
05:29:36.0501 5424 arc - ok
05:29:36.0704 5424 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
05:29:36.0719 5424 arcsas - ok
05:29:36.0860 5424 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
05:29:36.0875 5424 AsyncMac - ok
05:29:36.0969 5424 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
05:29:36.0969 5424 atapi - ok
05:29:37.0328 5424 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
05:29:37.0374 5424 AudioEndpointBuilder - ok
05:29:37.0374 5424 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
05:29:37.0374 5424 AudioSrv - ok
05:29:38.0076 5424 AVerAVF2 (549f501ee4e4b296399557da435c3b15) C:\Windows\system32\DRIVERS\AVerAVF2.sys
05:29:38.0092 5424 AVerAVF2 - ok
05:29:38.0373 5424 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
05:29:38.0373 5424 AxInstSV - ok
05:29:38.0607 5424 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
05:29:38.0622 5424 b06bdrv - ok
05:29:38.0794 5424 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
05:29:38.0794 5424 b57nd60a - ok
05:29:39.0012 5424 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
05:29:39.0012 5424 BDESVC - ok
05:29:39.0044 5424 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
05:29:39.0075 5424 Beep - ok
05:29:39.0574 5424 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
05:29:39.0574 5424 BFE - ok
05:29:40.0245 5424 BHDrvx64 (ddae7b27bdbb3da1276784753138b9c2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx64.sys
05:29:40.0260 5424 BHDrvx64 - ok
05:29:40.0900 5424 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
05:29:40.0916 5424 BITS - ok
05:29:41.0087 5424 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
05:29:41.0087 5424 blbdrive - ok
05:29:41.0384 5424 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
05:29:41.0384 5424 Bonjour Service - ok
05:29:41.0524 5424 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
05:29:41.0555 5424 bowser - ok
05:29:41.0742 5424 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
05:29:41.0742 5424 BrFiltLo - ok
05:29:41.0774 5424 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
05:29:41.0789 5424 BrFiltUp - ok
05:29:41.0883 5424 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
05:29:41.0883 5424 BridgeMP - ok
05:29:41.0914 5424 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
05:29:41.0930 5424 Browser - ok
05:29:41.0961 5424 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
05:29:41.0976 5424 Brserid - ok
05:29:41.0992 5424 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
05:29:42.0008 5424 BrSerWdm - ok
05:29:42.0070 5424 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
05:29:42.0070 5424 BrUsbMdm - ok
05:29:42.0101 5424 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
05:29:42.0101 5424 BrUsbSer - ok
05:29:42.0164 5424 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
05:29:42.0195 5424 BTHMODEM - ok
05:29:42.0398 5424 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
05:29:42.0398 5424 bthserv - ok
05:29:42.0538 5424 CalendarSynchService (8f65d2b9331a2b38fcf69f24f756c2fd) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
05:29:42.0538 5424 CalendarSynchService - ok
05:29:42.0632 5424 catchme - ok
05:29:42.0944 5424 ccHP (37f1baec39b505b3b51893a35c8337ea) C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
05:29:42.0959 5424 ccHP - ok
05:29:43.0053 5424 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
05:29:43.0053 5424 cdfs - ok
05:29:43.0162 5424 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
05:29:43.0162 5424 cdrom - ok
05:29:43.0271 5424 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
05:29:43.0271 5424 CertPropSvc - ok
05:29:43.0349 5424 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
05:29:43.0349 5424 circlass - ok
05:29:43.0380 5424 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
05:29:43.0396 5424 CLFS - ok
05:29:43.0505 5424 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:29:43.0521 5424 clr_optimization_v2.0.50727_32 - ok
05:29:43.0599 5424 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:29:43.0646 5424 clr_optimization_v2.0.50727_64 - ok
05:29:43.0973 5424 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:29:44.0082 5424 clr_optimization_v4.0.30319_32 - ok
05:29:44.0145 5424 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:29:44.0145 5424 clr_optimization_v4.0.30319_64 - ok
05:29:44.0238 5424 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
05:29:44.0238 5424 CmBatt - ok
05:29:44.0285 5424 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
05:29:44.0285 5424 cmdide - ok
05:29:44.0348 5424 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
05:29:44.0363 5424 CNG - ok
05:29:44.0379 5424 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
05:29:44.0379 5424 Compbatt - ok
05:29:44.0410 5424 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
05:29:44.0426 5424 CompositeBus - ok
05:29:44.0441 5424 COMSysApp - ok
05:29:44.0504 5424 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
05:29:44.0504 5424 crcdisk - ok
05:29:44.0691 5424 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
05:29:44.0691 5424 CryptSvc - ok
05:29:44.0753 5424 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
05:29:44.0769 5424 DcomLaunch - ok
05:29:44.0987 5424 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
05:29:45.0018 5424 defragsvc - ok
05:29:45.0081 5424 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
05:29:45.0096 5424 DfsC - ok
05:29:45.0252 5424 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
05:29:45.0252 5424 Dhcp - ok
05:29:45.0362 5424 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
05:29:45.0377 5424 discache - ok
05:29:45.0471 5424 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
05:29:45.0471 5424 Disk - ok
05:29:45.0596 5424 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
05:29:45.0627 5424 Dnscache - ok
05:29:45.0705 5424 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
05:29:45.0736 5424 dot3svc - ok
05:29:45.0861 5424 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
05:29:45.0892 5424 DPS - ok
05:29:45.0939 5424 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
05:29:45.0954 5424 drmkaud - ok
05:29:46.0719 5424 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
05:29:46.0719 5424 DXGKrnl - ok
05:29:46.0937 5424 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
05:29:46.0953 5424 EapHost - ok
05:29:48.0294 5424 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
05:29:48.0435 5424 ebdrv - ok
05:29:49.0043 5424 eeCtrl (066108ae4c35835081598827a1a7d08d) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
05:29:49.0059 5424 eeCtrl - ok
05:29:49.0542 5424 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
05:29:49.0542 5424 EFS - ok
05:29:49.0886 5424 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
05:29:49.0964 5424 ehRecvr - ok
05:29:50.0042 5424 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
05:29:50.0042 5424 ehSched - ok
05:29:50.0166 5424 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
05:29:50.0182 5424 elxstor - ok
05:29:50.0494 5424 EraserUtilRebootDrv (12866876e3851f1e5d462b2a83e25578) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
05:29:50.0494 5424 EraserUtilRebootDrv - ok
05:29:50.0525 5424 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
05:29:50.0525 5424 ErrDev - ok
05:29:50.0697 5424 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
05:29:50.0697 5424 EventSystem - ok
05:29:50.0744 5424 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
05:29:50.0744 5424 exfat - ok
05:29:50.0790 5424 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
05:29:50.0790 5424 fastfat - ok
05:29:51.0446 5424 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
05:29:51.0446 5424 Fax - ok
05:29:51.0602 5424 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
05:29:51.0602 5424 fdc - ok
05:29:51.0664 5424 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
05:29:51.0664 5424 fdPHost - ok
05:29:51.0695 5424 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
05:29:51.0695 5424 FDResPub - ok
05:29:51.0726 5424 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
05:29:51.0726 5424 FileInfo - ok
05:29:51.0773 5424 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
05:29:51.0773 5424 Filetrace - ok
05:29:51.0867 5424 FintekCIR (35daad359197828d3cf3965764f5d82c) C:\Windows\system32\DRIVERS\FintekCIR.sys
05:29:51.0867 5424 FintekCIR - ok
05:29:51.0867 5424 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
05:29:51.0867 5424 flpydisk - ok
05:29:52.0132 5424 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
05:29:52.0148 5424 FltMgr - ok
05:29:52.0756 5424 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
05:29:52.0834 5424 FontCache - ok
05:29:52.0974 5424 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:29:52.0974 5424 FontCache3.0.0.0 - ok
05:29:53.0162 5424 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
05:29:53.0162 5424 FsDepends - ok
05:29:53.0193 5424 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
05:29:53.0193 5424 Fs_Rec - ok
05:29:53.0396 5424 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
05:29:53.0411 5424 fvevol - ok
05:29:53.0505 5424 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
05:29:53.0505 5424 gagp30kx - ok
05:29:53.0661 5424 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
05:29:53.0692 5424 GameConsoleService - ok
05:29:53.0739 5424 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
05:29:53.0739 5424 GEARAspiWDM - ok
05:29:54.0300 5424 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
05:29:54.0378 5424 gpsvc - ok
05:29:54.0456 5424 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:29:54.0456 5424 gupdate - ok
05:29:54.0550 5424 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:29:54.0550 5424 gupdatem - ok
05:29:54.0581 5424 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
05:29:54.0581 5424 hcw85cir - ok
05:29:54.0628 5424 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
05:29:54.0628 5424 HDAudBus - ok
05:29:54.0768 5424 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
05:29:54.0768 5424 HECIx64 - ok
05:29:54.0831 5424 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
05:29:54.0846 5424 HidBatt - ok
05:29:54.0956 5424 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
05:29:54.0971 5424 HidBth - ok
05:29:55.0190 5424 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
05:29:55.0190 5424 HidIr - ok
05:29:55.0283 5424 hidkmdf (ac0e56c858b86732420a44827b7ce2c9) C:\Windows\system32\DRIVERS\hidkmdf.sys
05:29:55.0283 5424 hidkmdf - ok
05:29:55.0392 5424 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
05:29:55.0392 5424 hidserv - ok
05:29:55.0533 5424 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
05:29:55.0533 5424 HidUsb - ok
05:29:55.0580 5424 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
05:29:55.0595 5424 hkmsvc - ok
05:29:55.0611 5424 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
05:29:55.0611 5424 HomeGroupListener - ok
05:29:55.0658 5424 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
05:29:55.0658 5424 HomeGroupProvider - ok
05:29:55.0767 5424 HP Health Check Service (58c91cca61a948dc6e789c93c05a1d6f) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
05:29:55.0814 5424 HP Health Check Service - ok
05:29:55.0938 5424 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
05:29:55.0954 5424 hpqwmiex - ok
05:29:56.0032 5424 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
05:29:56.0032 5424 HpSAMD - ok
05:29:56.0157 5424 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
05:29:56.0157 5424 HTTP - ok
05:29:56.0172 5424 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
05:29:56.0172 5424 hwpolicy - ok
05:29:56.0188 5424 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
05:29:56.0204 5424 i8042prt - ok
05:29:56.0266 5424 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
05:29:56.0266 5424 iaStor - ok
05:29:56.0562 5424 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
05:29:56.0594 5424 iaStorV - ok
05:29:56.0750 5424 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
05:29:56.0750 5424 IDriverT - ok
05:29:56.0968 5424 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:29:56.0984 5424 idsvc - ok
05:29:57.0311 5424 IDSVia64 (c3292140bf458b46cf8abbfd7e177bbe) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100916.001\IDSvia64.sys
05:29:57.0311 5424 IDSVia64 - ok
05:29:57.0530 5424 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
05:29:57.0545 5424 iirsp - ok
05:29:58.0029 5424 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
05:29:58.0044 5424 IKEEXT - ok
05:29:58.0388 5424 IntcAzAudAddService (430aab6c09af99d5beb311795349e9dd) C:\Windows\system32\drivers\RTKVHD64.sys
05:29:58.0403 5424 IntcAzAudAddService - ok
05:29:58.0637 5424 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
05:29:58.0637 5424 intelide - ok
05:29:58.0746 5424 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
05:29:58.0746 5424 intelppm - ok
05:29:58.0965 5424 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
05:29:58.0965 5424 IPBusEnum - ok
05:29:59.0214 5424 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:29:59.0214 5424 IpFilterDriver - ok
05:29:59.0636 5424 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
05:29:59.0651 5424 iphlpsvc - ok
05:29:59.0667 5424 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
05:29:59.0682 5424 IPMIDRV - ok
05:29:59.0870 5424 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
05:29:59.0870 5424 IPNAT - ok
05:30:00.0384 5424 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
05:30:00.0400 5424 iPod Service - ok
05:30:00.0494 5424 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
05:30:00.0494 5424 IRENUM - ok
05:30:00.0790 5424 is3srv (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\drivers\is3srv64.sys
05:30:00.0790 5424 is3srv - ok
05:30:00.0852 5424 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
05:30:00.0852 5424 isapnp - ok
05:30:00.0899 5424 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
05:30:00.0930 5424 iScsiPrt - ok
05:30:00.0977 5424 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
05:30:00.0977 5424 kbdclass - ok
05:30:01.0024 5424 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
05:30:01.0024 5424 kbdhid - ok
05:30:01.0055 5424 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:01.0055 5424 KeyIso - ok
05:30:01.0133 5424 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
05:30:01.0133 5424 KSecDD - ok
05:30:01.0180 5424 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
05:30:01.0180 5424 KSecPkg - ok
05:30:01.0196 5424 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
05:30:01.0211 5424 ksthunk - ok
05:30:01.0383 5424 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
05:30:01.0383 5424 KtmRm - ok
05:30:01.0570 5424 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
05:30:01.0570 5424 LanmanServer - ok
05:30:01.0679 5424 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
05:30:01.0695 5424 LanmanWorkstation - ok
05:30:01.0835 5424 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
05:30:01.0851 5424 lltdio - ok
05:30:01.0991 5424 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
05:30:02.0069 5424 lltdsvc - ok
05:30:02.0116 5424 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
05:30:02.0116 5424 lmhosts - ok
05:30:02.0241 5424 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
05:30:02.0241 5424 LSI_FC - ok
05:30:02.0288 5424 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
05:30:02.0288 5424 LSI_SAS - ok
05:30:02.0335 5424 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
05:30:02.0335 5424 LSI_SAS2 - ok
05:30:02.0413 5424 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
05:30:02.0428 5424 LSI_SCSI - ok
05:30:02.0553 5424 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
05:30:02.0553 5424 luafv - ok
05:30:02.0584 5424 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
05:30:02.0584 5424 Mcx2Svc - ok
05:30:02.0600 5424 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
05:30:02.0600 5424 megasas - ok
05:30:02.0662 5424 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
05:30:02.0678 5424 MegaSR - ok
05:30:02.0896 5424 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
05:30:02.0912 5424 Microsoft Office Groove Audit Service - ok
05:30:02.0943 5424 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:30:02.0943 5424 MMCSS - ok
05:30:02.0974 5424 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
05:30:02.0974 5424 Modem - ok
05:30:03.0052 5424 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
05:30:03.0052 5424 monitor - ok
05:30:03.0130 5424 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
05:30:03.0130 5424 mouclass - ok
05:30:03.0193 5424 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
05:30:03.0193 5424 mouhid - ok
05:30:03.0208 5424 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
05:30:03.0224 5424 mountmgr - ok
05:30:03.0271 5424 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
05:30:03.0271 5424 mpio - ok
05:30:03.0271 5424 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
05:30:03.0286 5424 mpsdrv - ok
05:30:03.0520 5424 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
05:30:03.0536 5424 MpsSvc - ok
05:30:03.0567 5424 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
05:30:03.0583 5424 MRxDAV - ok
05:30:03.0629 5424 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
05:30:03.0645 5424 mrxsmb - ok
05:30:03.0739 5424 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:30:03.0754 5424 mrxsmb10 - ok
05:30:03.0785 5424 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:30:03.0785 5424 mrxsmb20 - ok
05:30:03.0817 5424 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
05:30:03.0817 5424 msahci - ok
05:30:03.0848 5424 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
05:30:03.0848 5424 msdsm - ok
05:30:03.0879 5424 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
05:30:03.0879 5424 MSDTC - ok
05:30:03.0895 5424 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
05:30:03.0895 5424 Msfs - ok
05:30:03.0910 5424 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
05:30:03.0910 5424 mshidkmdf - ok
05:30:03.0926 5424 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
05:30:03.0926 5424 msisadrv - ok
05:30:03.0988 5424 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
05:30:03.0988 5424 MSiSCSI - ok
05:30:04.0004 5424 msiserver - ok
05:30:04.0051 5424 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
05:30:04.0051 5424 MSKSSRV - ok
05:30:04.0066 5424 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
05:30:04.0066 5424 MSPCLOCK - ok
05:30:04.0066 5424 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
05:30:04.0066 5424 MSPQM - ok
05:30:04.0097 5424 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
05:30:04.0097 5424 MsRPC - ok
05:30:04.0113 5424 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
05:30:04.0113 5424 mssmbios - ok
05:30:04.0129 5424 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
05:30:04.0129 5424 MSTEE - ok
05:30:04.0175 5424 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
05:30:04.0175 5424 MTConfig - ok
05:30:04.0238 5424 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
05:30:04.0238 5424 Mup - ok
05:30:04.0316 5424 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
05:30:04.0331 5424 napagent - ok
05:30:04.0409 5424 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
05:30:04.0409 5424 NativeWifiP - ok
05:30:04.0659 5424 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
05:30:04.0675 5424 NAUpdate - ok
05:30:05.0002 5424 NAVENG (a507b7d1c5f957a1aab98794eb377654) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100917.035\ENG64.SYS
05:30:05.0018 5424 NAVENG - ok
05:30:05.0517 5424 NAVEX15 (0d7d6c0fd46f12780c3bab6af891ede3) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100917.035\EX64.SYS
05:30:05.0564 5424 NAVEX15 - ok
05:30:05.0923 5424 NBVol (daca803a8d732fe5eeaa024ec342f81d) C:\Windows\system32\DRIVERS\NBVol.sys
05:30:05.0938 5424 NBVol - ok
05:30:06.0001 5424 NBVolUp (6208f622e9e35860dfb0753dff56f0c0) C:\Windows\system32\DRIVERS\NBVolUp.sys
05:30:06.0001 5424 NBVolUp - ok
05:30:06.0267 5424 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
05:30:06.0298 5424 NDIS - ok
05:30:06.0345 5424 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
05:30:06.0345 5424 NdisCap - ok
05:30:06.0392 5424 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
05:30:06.0392 5424 NdisTapi - ok
05:30:06.0407 5424 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
05:30:06.0407 5424 Ndisuio - ok
05:30:06.0438 5424 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
05:30:06.0438 5424 NdisWan - ok
05:30:06.0454 5424 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
05:30:06.0454 5424 NDProxy - ok
05:30:06.0516 5424 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
05:30:06.0516 5424 NetBIOS - ok
05:30:06.0532 5424 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
05:30:06.0532 5424 NetBT - ok
05:30:06.0563 5424 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:06.0563 5424 Netlogon - ok
05:30:06.0657 5424 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
05:30:06.0657 5424 Netman - ok
05:30:06.0797 5424 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
05:30:06.0828 5424 netprofm - ok
05:30:06.0922 5424 netr28x (44d4bd55191624c82a2745296ba42814) C:\Windows\system32\DRIVERS\netr28x.sys
05:30:06.0922 5424 netr28x - ok
05:30:06.0969 5424 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:30:06.0984 5424 NetTcpPortSharing - ok
05:30:07.0031 5424 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
05:30:07.0031 5424 nfrd960 - ok
05:30:07.0156 5424 NIS (b4187346f54e362daffe647b25a58d50) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
05:30:07.0187 5424 NIS - ok
05:30:07.0234 5424 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
05:30:07.0250 5424 NlaSvc - ok
05:30:07.0250 5424 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
05:30:07.0250 5424 Npfs - ok
05:30:07.0281 5424 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
05:30:07.0281 5424 nsi - ok
05:30:07.0296 5424 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
05:30:07.0296 5424 nsiproxy - ok
05:30:07.0546 5424 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
05:30:07.0562 5424 Ntfs - ok
05:30:07.0686 5424 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
05:30:07.0686 5424 Null - ok
05:30:09.0855 5424 nvlddmkm (2218c0f9d4c694460340f2f8adccc9c0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:30:09.0917 5424 nvlddmkm - ok
05:30:10.0136 5424 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
05:30:10.0136 5424 nvraid - ok
05:30:10.0167 5424 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
05:30:10.0182 5424 nvstor - ok
05:30:10.0260 5424 nvsvc (5218967e54dbc9cb4aaea53247a0f275) C:\Windows\system32\nvvsvc.exe
05:30:10.0260 5424 nvsvc - ok
05:30:10.0323 5424 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
05:30:10.0338 5424 nv_agp - ok
05:30:10.0370 5424 NW1950 (1490b742e560e337ac6d2f80ce9fe14b) C:\Windows\system32\DRIVERS\NW1950.sys
05:30:10.0370 5424 NW1950 - ok
05:30:10.0479 5424 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:30:10.0479 5424 odserv - ok
05:30:10.0494 5424 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
05:30:10.0494 5424 ohci1394 - ok
05:30:10.0588 5424 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:30:10.0588 5424 ose - ok
05:30:10.0682 5424 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:30:10.0697 5424 p2pimsvc - ok
05:30:10.0744 5424 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
05:30:10.0760 5424 p2psvc - ok
05:30:10.0791 5424 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
05:30:10.0791 5424 Parport - ok
05:30:10.0853 5424 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
05:30:10.0853 5424 partmgr - ok
05:30:10.0884 5424 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
05:30:10.0884 5424 PcaSvc - ok
05:30:10.0900 5424 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
05:30:10.0900 5424 pci - ok
05:30:10.0916 5424 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
05:30:10.0916 5424 pciide - ok
05:30:10.0947 5424 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
05:30:10.0947 5424 pcmcia - ok
05:30:10.0962 5424 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
05:30:10.0962 5424 pcw - ok
05:30:11.0040 5424 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
05:30:11.0040 5424 PEAUTH - ok
05:30:11.0150 5424 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
05:30:11.0165 5424 PerfHost - ok
05:30:11.0274 5424 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
05:30:11.0290 5424 pla - ok
05:30:11.0430 5424 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
05:30:11.0430 5424 PlugPlay - ok
05:30:11.0446 5424 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
05:30:11.0446 5424 PNRPAutoReg - ok
05:30:11.0493 5424 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:30:11.0508 5424 PNRPsvc - ok
05:30:11.0602 5424 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
05:30:11.0618 5424 PolicyAgent - ok
05:30:11.0664 5424 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
05:30:11.0664 5424 Power - ok
05:30:11.0789 5424 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
05:30:11.0789 5424 PptpMiniport - ok
05:30:11.0836 5424 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
05:30:11.0836 5424 Processor - ok
05:30:12.0008 5424 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
05:30:12.0023 5424 ProfSvc - ok
05:30:12.0086 5424 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:12.0101 5424 ProtectedStorage - ok
05:30:12.0164 5424 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
05:30:12.0164 5424 Psched - ok
05:30:12.0366 5424 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
05:30:12.0382 5424 ql2300 - ok
05:30:12.0897 5424 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
05:30:12.0897 5424 ql40xx - ok
05:30:12.0944 5424 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
05:30:12.0944 5424 QWAVE - ok
05:30:12.0959 5424 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
05:30:12.0959 5424 QWAVEdrv - ok
05:30:12.0975 5424 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
05:30:12.0975 5424 RasAcd - ok
05:30:13.0037 5424 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
05:30:13.0037 5424 RasAgileVpn - ok
05:30:13.0068 5424 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
05:30:13.0068 5424 RasAuto - ok
05:30:13.0100 5424 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:30:13.0100 5424 Rasl2tp - ok
05:30:13.0146 5424 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
05:30:13.0146 5424 RasMan - ok
05:30:13.0178 5424 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
05:30:13.0178 5424 RasPppoe - ok
05:30:13.0193 5424 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
05:30:13.0193 5424 RasSstp - ok
05:30:13.0224 5424 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
05:30:13.0224 5424 rdbss - ok
05:30:13.0256 5424 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
05:30:13.0256 5424 rdpbus - ok
05:30:13.0271 5424 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:30:13.0287 5424 RDPCDD - ok
05:30:13.0365 5424 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
05:30:13.0396 5424 RDPENCDD - ok
05:30:13.0427 5424 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
05:30:13.0427 5424 RDPREFMP - ok
05:30:13.0474 5424 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
05:30:13.0474 5424 RDPWD - ok
05:30:13.0490 5424 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
05:30:13.0505 5424 rdyboost - ok
05:30:13.0583 5424 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
05:30:13.0583 5424 RemoteAccess - ok
05:30:13.0692 5424 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
05:30:13.0692 5424 RemoteRegistry - ok
05:30:13.0724 5424 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
05:30:13.0724 5424 RpcEptMapper - ok
05:30:13.0755 5424 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
05:30:13.0755 5424 RpcLocator - ok
05:30:13.0833 5424 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
05:30:13.0833 5424 RpcSs - ok
05:30:13.0942 5424 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
05:30:13.0942 5424 rspndr - ok
05:30:14.0036 5424 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
05:30:14.0036 5424 RTL8167 - ok
05:30:14.0098 5424 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:14.0098 5424 SamSs - ok
05:30:14.0129 5424 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
05:30:14.0129 5424 sbp2port - ok
05:30:14.0192 5424 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
05:30:14.0192 5424 SCardSvr - ok
05:30:14.0207 5424 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
05:30:14.0207 5424 scfilter - ok
05:30:14.0301 5424 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
05:30:14.0316 5424 Schedule - ok
05:30:14.0348 5424 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
05:30:14.0348 5424 SCPolicySvc - ok
05:30:14.0379 5424 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
05:30:14.0379 5424 SDRSVC - ok
05:30:14.0504 5424 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
05:30:14.0504 5424 SeaPort - ok
05:30:14.0566 5424 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
05:30:14.0582 5424 secdrv - ok
05:30:14.0597 5424 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
05:30:14.0597 5424 seclogon - ok
05:30:14.0613 5424 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
05:30:14.0613 5424 SENS - ok
05:30:14.0644 5424 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
05:30:14.0644 5424 SensrSvc - ok
05:30:14.0660 5424 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
05:30:14.0660 5424 Serenum - ok
05:30:14.0738 5424 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
05:30:14.0738 5424 Serial - ok
05:30:14.0753 5424 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
05:30:14.0753 5424 sermouse - ok
05:30:14.0784 5424 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
05:30:14.0800 5424 SessionEnv - ok
05:30:14.0800 5424 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
05:30:14.0800 5424 sffdisk - ok
05:30:14.0816 5424 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
05:30:14.0816 5424 sffp_mmc - ok
05:30:14.0831 5424 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
05:30:14.0831 5424 sffp_sd - ok
05:30:14.0847 5424 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
05:30:14.0847 5424 sfloppy - ok
05:30:14.0925 5424 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
05:30:14.0925 5424 SharedAccess - ok
05:30:14.0956 5424 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
05:30:14.0956 5424 ShellHWDetection - ok
05:30:15.0018 5424 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:30:15.0018 5424 SiSRaid2 - ok
05:30:15.0050 5424 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
05:30:15.0050 5424 SiSRaid4 - ok
05:30:15.0065 5424 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
05:30:15.0065 5424 Smb - ok
05:30:15.0112 5424 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
05:30:15.0112 5424 SNMPTRAP - ok
05:30:15.0128 5424 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
05:30:15.0128 5424 spldr - ok
05:30:15.0174 5424 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
05:30:15.0190 5424 Spooler - ok
05:30:15.0424 5424 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
05:30:15.0455 5424 sppsvc - ok
05:30:15.0549 5424 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
05:30:15.0564 5424 sppuinotify - ok
05:30:15.0674 5424 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
05:30:15.0689 5424 SRTSP - ok
05:30:15.0705 5424 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
05:30:15.0705 5424 SRTSPX - ok
05:30:15.0767 5424 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
05:30:15.0767 5424 srv - ok
05:30:15.0814 5424 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
05:30:15.0814 5424 srv2 - ok
05:30:15.0861 5424 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
05:30:15.0861 5424 srvnet - ok
05:30:15.0939 5424 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
05:30:15.0939 5424 SSDPSRV - ok
05:30:15.0954 5424 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
05:30:15.0954 5424 SstpSvc - ok
05:30:15.0970 5424 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
05:30:15.0970 5424 stexstor - ok
05:30:16.0079 5424 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
05:30:16.0095 5424 stisvc - ok
05:30:16.0095 5424 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
05:30:16.0095 5424 swenum - ok
05:30:16.0142 5424 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
05:30:16.0142 5424 swprv - ok
05:30:16.0251 5424 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
05:30:16.0251 5424 SymDS - ok
05:30:16.0329 5424 SymEFA (9f5783a4a03d0091cdbdaa858b566926) C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
05:30:16.0329 5424 SymEFA - ok
05:30:16.0391 5424 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
05:30:16.0391 5424 SymEvent - ok
05:30:16.0407 5424 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
05:30:16.0407 5424 SymIRON - ok
05:30:16.0454 5424 SYMTDIv (3adfb72f0797ae3832509fe030755e21) C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
05:30:16.0454 5424 SYMTDIv - ok
05:30:16.0594 5424 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
05:30:16.0610 5424 SysMain - ok
05:30:16.0750 5424 szkg5 (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\DRIVERS\szkg64.sys
05:30:16.0750 5424 szkg5 - ok
05:30:16.0828 5424 szserver (8fdaf81240a4057162cad255f02a844e) C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
05:30:16.0844 5424 szserver - ok
05:30:16.0922 5424 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
05:30:16.0937 5424 TabletInputService - ok
05:30:23.0567 5424 ============================================================
05:30:23.0567 5424 Scan finished
05:30:23.0567 5424 ============================================================
05:30:23.0614 5416 Detected object count: 0
05:30:23.0614 5416 Actual detected object count: 0


aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 05:33:58
-----------------------------
05:33:58.599 OS Version: Windows x64 6.1.7600
05:33:58.599 Number of processors: 4 586 0x2502
05:33:58.599 ComputerName: SYDANDMELITTA UserName:
05:34:01.703 Initialize success
05:36:21.040 AVAST engine defs: 12071700
05:36:28.809 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
05:36:28.809 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
05:36:28.824 Disk 0 MBR read successfully
05:36:28.824 Disk 0 MBR scan
05:36:28.840 Disk 0 unknown MBR code
05:36:28.840 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
05:36:28.856 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 940668 MB offset 206848
05:36:28.887 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13099 MB offset 1926694912
05:36:28.934 Disk 0 scanning C:\Windows\system32\drivers
05:36:38.231 Service scanning
05:36:57.905 Modules scanning
05:36:57.905 Disk 0 trace - called modules:
05:36:57.952 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
05:36:57.967 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057d9060]
05:36:57.967 3 CLASSPNP.SYS[fffff88000dc743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80048bb050]
05:37:00.541 AVAST engine scan C:\Windows
05:37:05.128 AVAST engine scan C:\Windows\system32
05:40:25.122 AVAST engine scan C:\Windows\system32\drivers
05:41:04.918 AVAST engine scan C:\Users\Syd and Melitta
05:55:33.684 AVAST engine scan C:\ProgramData
05:58:48.594 Scan finished successfully
06:00:56.343 Disk 0 MBR has been saved successfully to "C:\Users\Syd and Melitta\Desktop\MBR.dat"
06:00:56.358 The log file has been saved successfully to "C:\Users\Syd and Melitta\Desktop\aswMBR.txt"

Hi Gringo,
Thanks, and of note, when I have run TDSS whilst still infected (prior to combofix run) it also didn't pick up the issue (possible bcminer - found via malwarebytes)
Computer status: is working fine with no redirects etc.

TDSSKiller:

05:29:13.0963 5272 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
05:29:15.0024 5272 ============================================================
05:29:15.0024 5272 Current date / time: 2012/07/18 05:29:15.0024
05:29:15.0024 5272 SystemInfo:
05:29:15.0024 5272
05:29:15.0024 5272 OS Version: 6.1.7600 ServicePack: 0.0
05:29:15.0024 5272 Product type: Workstation
05:29:15.0024 5272 ComputerName: SYDANDMELITTA
05:29:15.0024 5272 UserName: Syd and Melitta
05:29:15.0024 5272 Windows directory: C:\Windows
05:29:15.0024 5272 System windows directory: C:\Windows
05:29:15.0024 5272 Running under WOW64
05:29:15.0024 5272 Processor architecture: Intel x64
05:29:15.0024 5272 Number of processors: 4
05:29:15.0024 5272 Page size: 0x1000
05:29:15.0024 5272 Boot type: Normal boot
05:29:15.0024 5272 ============================================================
05:29:20.0172 5272 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:29:20.0172 5272 ============================================================
05:29:20.0172 5272 \Device\Harddisk0\DR0:
05:29:20.0203 5272 MBR partitions:
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72D3E000
05:29:20.0203 5272 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72D70800, BlocksNum 0x1995800
05:29:20.0203 5272 ============================================================
05:29:20.0266 5272 C: <-> \Device\Harddisk0\DR0\Partition1
05:29:20.0437 5272 D: <-> \Device\Harddisk0\DR0\Partition2
05:29:20.0437 5272 ============================================================
05:29:20.0437 5272 Initialize success
05:29:20.0437 5272 ============================================================
05:29:22.0231 5424 ============================================================
05:29:22.0231 5424 Scan started
05:29:22.0231 5424 Mode: Manual;
05:29:22.0231 5424 ============================================================
05:29:58.0965 5424 IPBusEnum - ok
05:29:59.0214 5424 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:29:59.0214 5424 IpFilterDriver - ok
05:29:59.0636 5424 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
05:29:59.0651 5424 iphlpsvc - ok
05:29:59.0667 5424 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
05:29:59.0682 5424 IPMIDRV - ok
05:29:59.0870 5424 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
05:29:59.0870 5424 IPNAT - ok
05:30:00.0384 5424 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
05:30:00.0400 5424 iPod Service - ok
05:30:00.0494 5424 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
05:30:00.0494 5424 IRENUM - ok
05:30:00.0790 5424 is3srv (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\drivers\is3srv64.sys
05:30:00.0790 5424 is3srv - ok
05:30:00.0852 5424 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
05:30:00.0852 5424 isapnp - ok
05:30:00.0899 5424 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
05:30:00.0930 5424 iScsiPrt - ok
05:30:00.0977 5424 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
05:30:00.0977 5424 kbdclass - ok
05:30:01.0024 5424 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
05:30:01.0024 5424 kbdhid - ok
05:30:01.0055 5424 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:01.0055 5424 KeyIso - ok
05:30:01.0133 5424 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
05:30:01.0133 5424 KSecDD - ok
05:30:01.0180 5424 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
05:30:01.0180 5424 KSecPkg - ok
05:30:01.0196 5424 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
05:30:01.0211 5424 ksthunk - ok
05:30:01.0383 5424 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
05:30:01.0383 5424 KtmRm - ok
05:30:01.0570 5424 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
05:30:01.0570 5424 LanmanServer - ok
05:30:01.0679 5424 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
05:30:01.0695 5424 LanmanWorkstation - ok
05:30:01.0835 5424 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
05:30:01.0851 5424 lltdio - ok
05:30:01.0991 5424 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
05:30:02.0069 5424 lltdsvc - ok
05:30:02.0116 5424 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
05:30:02.0116 5424 lmhosts - ok
05:30:02.0241 5424 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
05:30:02.0241 5424 LSI_FC - ok
05:30:02.0288 5424 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
05:30:02.0288 5424 LSI_SAS - ok
05:30:02.0335 5424 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
05:30:02.0335 5424 LSI_SAS2 - ok
05:30:02.0413 5424 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
05:30:02.0428 5424 LSI_SCSI - ok
05:30:02.0553 5424 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
05:30:02.0553 5424 luafv - ok
05:30:02.0584 5424 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
05:30:02.0584 5424 Mcx2Svc - ok
05:30:02.0600 5424 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
05:30:02.0600 5424 megasas - ok
05:30:02.0662 5424 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
05:30:02.0678 5424 MegaSR - ok
05:30:02.0896 5424 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
05:30:02.0912 5424 Microsoft Office Groove Audit Service - ok
05:30:02.0943 5424 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:30:02.0943 5424 MMCSS - ok
05:30:02.0974 5424 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
05:30:02.0974 5424 Modem - ok
05:30:03.0052 5424 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
05:30:03.0052 5424 monitor - ok
05:30:03.0130 5424 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
05:30:03.0130 5424 mouclass - ok
05:30:03.0193 5424 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
05:30:03.0193 5424 mouhid - ok
05:30:03.0208 5424 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
05:30:03.0224 5424 mountmgr - ok
05:30:03.0271 5424 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
05:30:03.0271 5424 mpio - ok
05:30:03.0271 5424 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
05:30:03.0286 5424 mpsdrv - ok
05:30:03.0520 5424 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
05:30:03.0536 5424 MpsSvc - ok
05:30:03.0567 5424 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
05:30:03.0583 5424 MRxDAV - ok
05:30:03.0629 5424 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
05:30:03.0645 5424 mrxsmb - ok
05:30:03.0739 5424 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:30:03.0754 5424 mrxsmb10 - ok
05:30:03.0785 5424 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:30:03.0785 5424 mrxsmb20 - ok
05:30:03.0817 5424 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
05:30:03.0817 5424 msahci - ok
05:30:03.0848 5424 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
05:30:03.0848 5424 msdsm - ok
05:30:03.0879 5424 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
05:30:03.0879 5424 MSDTC - ok
05:30:03.0895 5424 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
05:30:03.0895 5424 Msfs - ok
05:30:03.0910 5424 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
05:30:03.0910 5424 mshidkmdf - ok
05:30:03.0926 5424 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
05:30:03.0926 5424 msisadrv - ok
05:30:03.0988 5424 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
05:30:03.0988 5424 MSiSCSI - ok
05:30:04.0004 5424 msiserver - ok
05:30:04.0051 5424 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
05:30:04.0051 5424 MSKSSRV - ok
05:30:04.0066 5424 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
05:30:04.0066 5424 MSPCLOCK - ok
05:30:04.0066 5424 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
05:30:04.0066 5424 MSPQM - ok
05:30:04.0097 5424 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
05:30:04.0097 5424 MsRPC - ok
05:30:04.0113 5424 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
05:30:04.0113 5424 mssmbios - ok
05:30:04.0129 5424 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
05:30:04.0129 5424 MSTEE - ok
05:30:04.0175 5424 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
05:30:04.0175 5424 MTConfig - ok
05:30:04.0238 5424 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
05:30:04.0238 5424 Mup - ok
05:30:04.0316 5424 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
05:30:04.0331 5424 napagent - ok
05:30:04.0409 5424 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
05:30:04.0409 5424 NativeWifiP - ok
05:30:04.0659 5424 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
05:30:04.0675 5424 NAUpdate - ok
05:30:05.0002 5424 NAVENG (a507b7d1c5f957a1aab98794eb377654) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100917.035\ENG64.SYS
05:30:05.0018 5424 NAVENG - ok
05:30:05.0517 5424 NAVEX15 (0d7d6c0fd46f12780c3bab6af891ede3) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100917.035\EX64.SYS
05:30:05.0564 5424 NAVEX15 - ok
05:30:05.0923 5424 NBVol (daca803a8d732fe5eeaa024ec342f81d) C:\Windows\system32\DRIVERS\NBVol.sys
05:30:05.0938 5424 NBVol - ok
05:30:06.0001 5424 NBVolUp (6208f622e9e35860dfb0753dff56f0c0) C:\Windows\system32\DRIVERS\NBVolUp.sys
05:30:06.0001 5424 NBVolUp - ok
05:30:06.0267 5424 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
05:30:06.0298 5424 NDIS - ok
05:30:06.0345 5424 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
05:30:06.0345 5424 NdisCap - ok
05:30:06.0392 5424 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
05:30:06.0392 5424 NdisTapi - ok
05:30:06.0407 5424 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
05:30:06.0407 5424 Ndisuio - ok
05:30:06.0438 5424 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
05:30:06.0438 5424 NdisWan - ok
05:30:06.0454 5424 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
05:30:06.0454 5424 NDProxy - ok
05:30:06.0516 5424 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
05:30:06.0516 5424 NetBIOS - ok
05:30:06.0532 5424 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
05:30:06.0532 5424 NetBT - ok
05:30:06.0563 5424 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:06.0563 5424 Netlogon - ok
05:30:06.0657 5424 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
05:30:06.0657 5424 Netman - ok
05:30:06.0797 5424 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
05:30:06.0828 5424 netprofm - ok
05:30:06.0922 5424 netr28x (44d4bd55191624c82a2745296ba42814) C:\Windows\system32\DRIVERS\netr28x.sys
05:30:06.0922 5424 netr28x - ok
05:30:06.0969 5424 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:30:06.0984 5424 NetTcpPortSharing - ok
05:30:07.0031 5424 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
05:30:07.0031 5424 nfrd960 - ok
05:30:07.0156 5424 NIS (b4187346f54e362daffe647b25a58d50) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
05:30:07.0187 5424 NIS - ok
05:30:07.0234 5424 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
05:30:07.0250 5424 NlaSvc - ok
05:30:07.0250 5424 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
05:30:07.0250 5424 Npfs - ok
05:30:07.0281 5424 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
05:30:07.0281 5424 nsi - ok
05:30:07.0296 5424 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
05:30:07.0296 5424 nsiproxy - ok
05:30:07.0546 5424 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
05:30:07.0562 5424 Ntfs - ok
05:30:07.0686 5424 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
05:30:07.0686 5424 Null - ok
05:30:09.0855 5424 nvlddmkm (2218c0f9d4c694460340f2f8adccc9c0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:30:09.0917 5424 nvlddmkm - ok
05:30:10.0136 5424 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
05:30:10.0136 5424 nvraid - ok
05:30:10.0167 5424 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
05:30:10.0182 5424 nvstor - ok
05:30:10.0260 5424 nvsvc (5218967e54dbc9cb4aaea53247a0f275) C:\Windows\system32\nvvsvc.exe
05:30:10.0260 5424 nvsvc - ok
05:30:10.0323 5424 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
05:30:10.0338 5424 nv_agp - ok
05:30:10.0370 5424 NW1950 (1490b742e560e337ac6d2f80ce9fe14b) C:\Windows\system32\DRIVERS\NW1950.sys
05:30:10.0370 5424 NW1950 - ok
05:30:10.0479 5424 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:30:10.0479 5424 odserv - ok
05:30:10.0494 5424 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
05:30:10.0494 5424 ohci1394 - ok
05:30:10.0588 5424 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:30:10.0588 5424 ose - ok
05:30:10.0682 5424 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:30:10.0697 5424 p2pimsvc - ok
05:30:10.0744 5424 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
05:30:10.0760 5424 p2psvc - ok
05:30:10.0791 5424 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
05:30:10.0791 5424 Parport - ok
05:30:10.0853 5424 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
05:30:10.0853 5424 partmgr - ok
05:30:10.0884 5424 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
05:30:10.0884 5424 PcaSvc - ok
05:30:10.0900 5424 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
05:30:10.0900 5424 pci - ok
05:30:10.0916 5424 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
05:30:10.0916 5424 pciide - ok
05:30:10.0947 5424 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
05:30:10.0947 5424 pcmcia - ok
05:30:10.0962 5424 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
05:30:10.0962 5424 pcw - ok
05:30:11.0040 5424 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
05:30:11.0040 5424 PEAUTH - ok
05:30:11.0150 5424 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
05:30:11.0165 5424 PerfHost - ok
05:30:11.0274 5424 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
05:30:11.0290 5424 pla - ok
05:30:11.0430 5424 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
05:30:11.0430 5424 PlugPlay - ok
05:30:11.0446 5424 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
05:30:11.0446 5424 PNRPAutoReg - ok
05:30:11.0493 5424 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:30:11.0508 5424 PNRPsvc - ok
05:30:11.0602 5424 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
05:30:11.0618 5424 PolicyAgent - ok
05:30:11.0664 5424 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
05:30:11.0664 5424 Power - ok
05:30:11.0789 5424 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
05:30:11.0789 5424 PptpMiniport - ok
05:30:11.0836 5424 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
05:30:11.0836 5424 Processor - ok
05:30:12.0008 5424 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
05:30:12.0023 5424 ProfSvc - ok
05:30:12.0086 5424 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:12.0101 5424 ProtectedStorage - ok
05:30:12.0164 5424 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
05:30:12.0164 5424 Psched - ok
05:30:12.0366 5424 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
05:30:12.0382 5424 ql2300 - ok
05:30:12.0897 5424 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
05:30:12.0897 5424 ql40xx - ok
05:30:12.0944 5424 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
05:30:12.0944 5424 QWAVE - ok
05:30:12.0959 5424 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
05:30:12.0959 5424 QWAVEdrv - ok
05:30:12.0975 5424 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
05:30:12.0975 5424 RasAcd - ok
05:30:13.0037 5424 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
05:30:13.0037 5424 RasAgileVpn - ok
05:30:13.0068 5424 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
05:30:13.0068 5424 RasAuto - ok
05:30:13.0100 5424 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:30:13.0100 5424 Rasl2tp - ok
05:30:13.0146 5424 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
05:30:13.0146 5424 RasMan - ok
05:30:13.0178 5424 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
05:30:13.0178 5424 RasPppoe - ok
05:30:13.0193 5424 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
05:30:13.0193 5424 RasSstp - ok
05:30:13.0224 5424 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
05:30:13.0224 5424 rdbss - ok
05:30:13.0256 5424 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
05:30:13.0256 5424 rdpbus - ok
05:30:13.0271 5424 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:30:13.0287 5424 RDPCDD - ok
05:30:13.0365 5424 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
05:30:13.0396 5424 RDPENCDD - ok
05:30:13.0427 5424 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
05:30:13.0427 5424 RDPREFMP - ok
05:30:13.0474 5424 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
05:30:13.0474 5424 RDPWD - ok
05:30:13.0490 5424 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
05:30:13.0505 5424 rdyboost - ok
05:30:13.0583 5424 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
05:30:13.0583 5424 RemoteAccess - ok
05:30:13.0692 5424 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
05:30:13.0692 5424 RemoteRegistry - ok
05:30:13.0724 5424 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
05:30:13.0724 5424 RpcEptMapper - ok
05:30:13.0755 5424 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
05:30:13.0755 5424 RpcLocator - ok
05:30:13.0833 5424 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
05:30:13.0833 5424 RpcSs - ok
05:30:13.0942 5424 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
05:30:13.0942 5424 rspndr - ok
05:30:14.0036 5424 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
05:30:14.0036 5424 RTL8167 - ok
05:30:14.0098 5424 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
05:30:14.0098 5424 SamSs - ok
05:30:14.0129 5424 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
05:30:14.0129 5424 sbp2port - ok
05:30:14.0192 5424 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
05:30:14.0192 5424 SCardSvr - ok
05:30:14.0207 5424 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
05:30:14.0207 5424 scfilter - ok
05:30:14.0301 5424 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
05:30:14.0316 5424 Schedule - ok
05:30:14.0348 5424 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
05:30:14.0348 5424 SCPolicySvc - ok
05:30:14.0379 5424 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
05:30:14.0379 5424 SDRSVC - ok
05:30:14.0504 5424 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
05:30:14.0504 5424 SeaPort - ok
05:30:14.0566 5424 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
05:30:14.0582 5424 secdrv - ok
05:30:14.0597 5424 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
05:30:14.0597 5424 seclogon - ok
05:30:14.0613 5424 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
05:30:14.0613 5424 SENS - ok
05:30:14.0644 5424 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
05:30:14.0644 5424 SensrSvc - ok
05:30:14.0660 5424 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
05:30:14.0660 5424 Serenum - ok
05:30:14.0738 5424 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
05:30:14.0738 5424 Serial - ok
05:30:14.0753 5424 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
05:30:14.0753 5424 sermouse - ok
05:30:14.0784 5424 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
05:30:14.0800 5424 SessionEnv - ok
05:30:14.0800 5424 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
05:30:14.0800 5424 sffdisk - ok
05:30:14.0816 5424 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
05:30:14.0816 5424 sffp_mmc - ok
05:30:14.0831 5424 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
05:30:14.0831 5424 sffp_sd - ok
05:30:14.0847 5424 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
05:30:14.0847 5424 sfloppy - ok
05:30:14.0925 5424 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
05:30:14.0925 5424 SharedAccess - ok
05:30:14.0956 5424 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
05:30:14.0956 5424 ShellHWDetection - ok
05:30:15.0018 5424 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:30:15.0018 5424 SiSRaid2 - ok
05:30:15.0050 5424 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
05:30:15.0050 5424 SiSRaid4 - ok
05:30:15.0065 5424 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
05:30:15.0065 5424 Smb - ok
05:30:15.0112 5424 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
05:30:15.0112 5424 SNMPTRAP - ok
05:30:15.0128 5424 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
05:30:15.0128 5424 spldr - ok
05:30:15.0174 5424 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
05:30:15.0190 5424 Spooler - ok
05:30:15.0424 5424 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
05:30:15.0455 5424 sppsvc - ok
05:30:15.0549 5424 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
05:30:15.0564 5424 sppuinotify - ok
05:30:15.0674 5424 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
05:30:15.0689 5424 SRTSP - ok
05:30:15.0705 5424 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
05:30:15.0705 5424 SRTSPX - ok
05:30:15.0767 5424 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
05:30:15.0767 5424 srv - ok
05:30:15.0814 5424 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
05:30:15.0814 5424 srv2 - ok
05:30:15.0861 5424 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
05:30:15.0861 5424 srvnet - ok
05:30:15.0939 5424 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
05:30:15.0939 5424 SSDPSRV - ok
05:30:15.0954 5424 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
05:30:15.0954 5424 SstpSvc - ok
05:30:15.0970 5424 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
05:30:15.0970 5424 stexstor - ok
05:30:16.0079 5424 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
05:30:16.0095 5424 stisvc - ok
05:30:16.0095 5424 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
05:30:16.0095 5424 swenum - ok
05:30:16.0142 5424 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
05:30:16.0142 5424 swprv - ok
05:30:16.0251 5424 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
05:30:16.0251 5424 SymDS - ok
05:30:16.0329 5424 SymEFA (9f5783a4a03d0091cdbdaa858b566926) C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
05:30:16.0329 5424 SymEFA - ok
05:30:16.0391 5424 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
05:30:16.0391 5424 SymEvent - ok
05:30:16.0407 5424 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
05:30:16.0407 5424 SymIRON - ok
05:30:16.0454 5424 SYMTDIv (3adfb72f0797ae3832509fe030755e21) C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
05:30:16.0454 5424 SYMTDIv - ok
05:30:16.0594 5424 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
05:30:16.0610 5424 SysMain - ok
05:30:16.0750 5424 szkg5 (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\DRIVERS\szkg64.sys
05:30:16.0750 5424 szkg5 - ok
05:30:16.0828 5424 szserver (8fdaf81240a4057162cad255f02a844e) C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
05:30:16.0844 5424 szserver - ok
05:30:16.0922 5424 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
05:30:16.0937 5424 TabletInputService - ok
05:30:16.0968 5424 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
05:30:16.0968 5424 TapiSrv - ok
05:30:16.0984 5424 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
05:30:16.0984 5424 TBS - ok
05:30:17.0187 5424 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
05:30:17.0202 5424 Tcpip - ok
05:30:17.0405 5424 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
05:30:17.0421 5424 TCPIP6 - ok
05:30:17.0483 5424 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
05:30:17.0483 5424 tcpipreg - ok
05:30:17.0530 5424 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
05:30:17.0530 5424 TDPIPE - ok
05:30:17.0561 5424 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
05:30:17.0561 5424 TDTCP - ok
05:30:17.0577 5424 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
05:30:17.0592 5424 tdx - ok
05:30:17.0608 5424 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
05:30:17.0608 5424 TermDD - ok
05:30:17.0670 5424 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
05:30:17.0686 5424 TermService - ok
05:30:17.0702 5424 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
05:30:17.0702 5424 Themes - ok
05:30:17.0717 5424 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:30:17.0717 5424 THREADORDER - ok
05:30:17.0748 5424 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
05:30:17.0748 5424 TrkWks - ok
05:30:17.0795 5424 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
05:30:17.0811 5424 TrustedInstaller - ok
05:30:17.0826 5424 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:30:17.0826 5424 tssecsrv - ok
05:30:17.0889 5424 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
05:30:17.0889 5424 tunnel - ok
05:30:23.0567 5424 ============================================================
05:30:23.0567 5424 Scan finished
05:30:23.0567 5424 ============================================================
05:30:23.0614 5416 Detected object count: 0
05:30:23.0614 5416 Actual detected object count: 0


aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 05:33:58
-----------------------------
05:33:58.599 OS Version: Windows x64 6.1.7600
05:33:58.599 Number of processors: 4 586 0x2502
05:33:58.599 ComputerName: SYDANDMELITTA UserName:
05:34:01.703 Initialize success
05:36:21.040 AVAST engine defs: 12071700
05:36:28.809 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
05:36:28.809 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
05:36:28.824 Disk 0 MBR read successfully
05:36:28.824 Disk 0 MBR scan
05:36:28.840 Disk 0 unknown MBR code
05:36:28.840 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
05:36:28.856 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 940668 MB offset 206848
05:36:28.887 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13099 MB offset 1926694912
05:36:28.934 Disk 0 scanning C:\Windows\system32\drivers
05:36:38.231 Service scanning
05:36:57.905 Modules scanning
05:36:57.905 Disk 0 trace - called modules:
05:36:57.952 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
05:36:57.967 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057d9060]
05:36:57.967 3 CLASSPNP.SYS[fffff88000dc743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80048bb050]
05:37:00.541 AVAST engine scan C:\Windows
05:37:05.128 AVAST engine scan C:\Windows\system32
05:40:25.122 AVAST engine scan C:\Windows\system32\drivers
05:41:04.918 AVAST engine scan C:\Users\Syd and Melitta
05:55:33.684 AVAST engine scan C:\ProgramData
05:58:48.594 Scan finished successfully
06:00:56.343 Disk 0 MBR has been saved successfully to "C:\Users\Syd and Melitta\Desktop\MBR.dat"
06:00:56.358 The log file has been saved successfully to "C:\Users\Syd and Melitta\Desktop\aswMBR.txt"

#6 gringo_pr

Posted 17 July 2012 - 09:23 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 suppliersyd

Posted 17 July 2012 - 10:43 PM

Hi Gringo, I'm still getting redirects. Should I run this script anyway??

#8 gringo_pr

Posted 17 July 2012 - 10:51 PM

yes run it anyways and also let me know which browsers are getting redirected

verify all browsers that are installed


gringo

#9 suppliersyd

Posted 18 July 2012 - 06:18 AM

Hi Gringo.
Thanks for all your help. It was chrome and ie. I needed this fixed ASAP so I got a professional out.

Apparently I had deleted most of it but needed some more done.

Will running this script have any chance of it bringing it back?

#10 gringo_pr

Posted 18 July 2012 - 01:50 PM

no it will not bring it back - but I do not understand what you did?


gringo

#11 suppliersyd

Posted 18 July 2012 - 07:18 PM

Sorry Gringo, I meant a professional IT person to fix it.
He commented on how well I (with your excellent help) did. I'm at work now, but will run the script and post back here soon.
Thanks again, you are a champion!

#12 gringo_pr

Posted 18 July 2012 - 09:04 PM

:thumbup2:

#13 gringo_pr

Posted 20 July 2012 - 11:20 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#14 gringo_pr

Posted 24 July 2012 - 11:57 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#15 gringo_pr

Posted 27 July 2012 - 11:13 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.